python: Fix representation of UUIDs as strings in zone files rather than binary blobs, fix escaping of LDAP URL's in PHP LDAP admin configuration.

Pair-programmed with Andrew, but git doesn't appear to support multiple --author arguments. :-(
(This used to be commit dff54ff043563f93b86361039c46e662045f62cc)

source4/scripting/python/samba/__init__.py

@@ -91,7 +91,7 @@ class Ldb(ldb.Ldb):
     set_session_info = misc.ldb_set_session_info
     set_loadparm = misc.ldb_set_loadparm
 
-    def searchone(self, basedn, attribute, expression=None, 
+    def searchone(self, attribute, basedn=None, expression=None, 
                   scope=ldb.SCOPE_BASE):
         """Search for one attribute as a string.
         
@@ -106,7 +106,7 @@ class Ldb(ldb.Ldb):
             return None
         values = set(res[0][attribute])
         assert len(values) == 1
-        return values.pop()
+        return self.schema_format_value(attribute, values.pop())
 
     def erase(self):
         """Erase this ldb, removing all records."""

source4/scripting/python/samba/provision.py

@@ -725,7 +725,7 @@ def provision(lp, setup_dir, message, paths, session_info,
     
     if ldap_backend == "ldapi":
     	# provision-backend will set this path suggested slapd command line / fedorads.inf
-    	ldap_backend = "ldapi://" % urllib.quote(os.path.join(lp.get("private dir"), "ldap", "ldapi"))
+    	ldap_backend = "ldapi://" % urllib.quote(os.path.join(lp.get("private dir"), "ldap", "ldapi"), "")
 
     assert realm is not None
     realm = realm.upper()
@@ -860,9 +860,9 @@ def provision(lp, setup_dir, message, paths, session_info,
         samdb = SamDB(paths.samdb, session_info=session_info, 
                       credentials=credentials, lp=lp)
 
-        domainguid = samdb.searchone(domaindn, "objectGUID")
+        domainguid = samdb.searchone(basedn=domaindn, attribute="objectGUID")
         assert isinstance(domainguid, str)
-        hostguid = samdb.searchone(domaindn, "objectGUID",
+        hostguid = samdb.searchone(basedn=domaindn, attribute="objectGUID",
                 expression="(&(objectClass=computer)(cn=%s))" % hostname,
                 scope=SCOPE_SUBTREE)
         assert isinstance(hostguid, str)
@@ -877,14 +877,14 @@ def provision(lp, setup_dir, message, paths, session_info,
     return domaindn
 
 
-def create_phpldapadmin_config(path, setup_path, ldap_backend):
+def create_phpldapadmin_config(path, setup_path, ldapi_uri):
     """Create a PHP LDAP admin configuration file.
 
     :param path: Path to write the configuration to.
     :param setup_path: Function to generate setup paths.
     """
     setup_file(setup_path("phpldapadmin-config.php"), path, 
-            {"S4_LDAPI_URI": ldap_backend})
+            {"S4_LDAPI_URI": ldapi_uri})
 
 
 def create_zone_file(path, setup_path, samdb, dnsdomain, domaindn, 
@@ -903,6 +903,7 @@ def create_zone_file(path, setup_path, samdb, dnsdomain, domaindn,
     :param domainguid: GUID of the domain.
     :param hostguid: GUID of the host.
     """
+    assert isinstance(domainguid, str)
 
     setup_file(setup_path("provision.zone"), path, {
             "DNSPASS_B64": b64encode(dnspass),

source4/scripting/python/samba/samdb.py

@@ -105,7 +105,7 @@ userAccountControl: %u
         assert(len(res) == 1 and res[0].defaultNamingContext is not None)
         domain_dn = res[0]["defaultNamingContext"][0]
         assert(domain_dn is not None)
-        dom_users = self.searchone(domain_dn, "dn", "name=Domain Users")
+        dom_users = self.searchone(basedn=domain_dn, attribute="dn", expression="name=Domain Users")
         assert(dom_users is not None)
 
         user_dn = "CN=%s,CN=Users,%s" % (username, domain_dn)

source4/scripting/python/samba/tests/__init__.py

@@ -79,7 +79,7 @@ class LdbExtensionTests(TestCaseInTempDir):
         l = samba.Ldb(path)
         try:
             l.add({"dn": "foo=dc", "bar": "bla"})
-            self.assertEquals("bla", l.searchone(ldb.Dn(l, "foo=dc"), "bar"))
+            self.assertEquals("bla", l.searchone(basedn=ldb.Dn(l, "foo=dc"), attribute="bar"))
         finally:
             del l
             os.unlink(path)

source4/scripting/python/samba/tests/provision.py

@@ -33,7 +33,7 @@ class ProvisionTestCase(samba.tests.TestCaseInTempDir):
         ldb = setup_secretsdb(path, setup_path, None, None, None)
         try:
             self.assertEquals("LSA Secrets",
-                 ldb.searchone(Dn(ldb, "CN=LSA Secrets"), "CN"))
+                 ldb.searchone(basedn="CN=LSA Secrets", attribute="CN"))
         finally:
             del ldb
             os.unlink(path)
@@ -50,6 +50,14 @@ class ProvisionTestCase(samba.tests.TestCaseInTempDir):
                            machinepass="machinepass", dnsdomain="example.com")
             self.assertEquals(1, 
                     len(secrets_ldb.search("samAccountName=krbtgt,flatname=EXAMPLE,CN=Principals")))
+	    self.assertEquals("keytab.path",
+                    secrets_ldb.searchone(basedn="flatname=EXAMPLE,CN=primary domains", 
+                                          expression="(privateKeytab=*)", 
+                                          attribute="privateKeytab"))
+            self.assertEquals("S-5-22",
+                    secrets_ldb.searchone(basedn="flatname=EXAMPLE,CN=primary domains",
+                                          expression="objectSid=*", attribute="objectSid"))
+
         finally:
             del secrets_ldb
             os.unlink(path)